I'm specialized in Information and cyber security policy writing, IT security risk, cyber forensic investigation , malware analysis , VAPT , IT audit and compliance with 12 years of experience. I can help organizations with ISO 27001, SOC 2 or other compliance framework preparation, implementation, creating and updating policies and procedures. Information security policy and technical writing is the main specialty of me.
Over 12 year I gained knowledge on both sides of the table: Governance, Risk and Compliance (GRC) and security operation, implementation, engineering , cyber forensic investigation.
If your company need to be compliant for regulatory reasons or you are aiming at security certification (ISO 27001, SOC 2, GDPR) or you would like to level up your maturity in the security domain or simply just would like to consult and get informed of security best practices and need professional advice, my knowledge, experience, and skill can help you to achieve your goal and succeed! Please click on the "Invite to Job" button and let's talk!
My skills in Information (IT) and Cyber security includes:
- investigating cyber and information security incidents,
- Policy reviews, GAP analysis,
- Policy writing
- IT audit
- Risk assessment,
- Evaluation of operation/technology/procedure against current industry best practices or regulatory requirements.
- Information security awareness training and training material
- Compliance specific training (GDPR, SOC2, NIST)
I have the following certifications: CHFI ,CSCU ,VAPT
I'm familiar (I'm actively working with them on a day to day basis) with the following compliance and security frameworks:
ISO 27001, SOC 2 TSC, NIST CSF, GDPR,NIST 800-53, ISF SoGP, SANS, HIPPA, HITECH
You can keep ease of mind after we have agreed on the tasks, with more than 12 years of security industry experience independent operation is guaranteed. All the work is completed by myself therefore focus and attention to your project are guaranteed.